Beispiel #1
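    /// <summary>
    /// Handles the login form's submit button. Depending on the hard-coded
    /// <c>LDAPx</c> switch, the credentials are checked either directly against
    /// the <c>CheckUser</c> stored procedure, or first against LDAP and then
    /// against <c>CheckUser</c>.
    /// </summary>
    /// <param name="sender">The control that raised the event (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void btnSubmit_Click(object sender, EventArgs e)
    {
        // Hard-coded mode switch: 0 = database check only, anything else = LDAP
        // bind first. With the value fixed at 0 the LDAP branch below never runs.
        int LDAPx = 0;

        if (LDAPx == 0)
        {
            CompleteCheckUserSignIn();
        }
        else if (ldap.Login(txtusername.Text, txtpassword.Text))
        {
            DataTable dt = getUserDetail(txtusername.Text);
            if (dt == null)
            {
                // Authenticated by LDAP but not known to this application.
                Response.Write("<script language=\"javascript\" type=\"text/javascript\">alert('Maaf anda tidak memiliki hak akses aplikasi ini');</script>");
            }
            else
            {
                // NOTE(review): an earlier, commented-out variant of this branch filled
                // the session from dt and built a 15-character Session["idunik"] value
                // with System.Random. If that value is ever revived as something that
                // must be unguessable, generate it with
                // System.Security.Cryptography.RandomNumberGenerator instead.
                //
                // NOTE(review): the LDAP password is re-checked against CheckUser, so
                // this path only succeeds when both stores accept the same password --
                // confirm that is intended.
                CompleteCheckUserSignIn();
            }
        }
        // NOTE(review): when ldap.Login fails, nothing is written to the response,
        // so the user gets no feedback; confirm whether that is intended.
    }

    /// <summary>
    /// Runs the <c>CheckUser</c> stored procedure with the submitted credentials,
    /// stores the returned profile in the session and redirects to the home page,
    /// or emits the "wrong username or password" script when no row comes back.
    /// </summary>
    private void CompleteCheckUserSignIn()
    {
        string strcon = System.Web.Configuration.WebConfigurationManager.ConnectionStrings["ConStrLANDCOMPLocal"].ConnectionString;
        bool authenticated = false;

        // The connection, command and reader are disposed deterministically; before,
        // every login attempt left an open connection behind for the GC to reclaim.
        using (SqlConnection con = new SqlConnection(strcon))
        using (SqlCommand com = new SqlCommand("CheckUser", con))
        {
            com.CommandType = CommandType.StoredProcedure;

            // Values travel as parameters, never concatenated into SQL text.
            // NOTE(review): the password is forwarded exactly as typed. CheckUser is
            // not visible here, so verify that it compares against a salted, slow
            // password hash rather than a stored plaintext value.
            com.Parameters.Add(new SqlParameter("username", txtusername.Text));
            com.Parameters.Add(new SqlParameter("password", txtpassword.Text));
            con.Open();

            using (SqlDataReader rd = com.ExecuteReader())
            {
                // Read() returns false on an empty result set, which replaces the
                // separate HasRows test.
                if (rd.Read())
                {
                    // Session.Timeout is in minutes: 600 keeps an idle authenticated
                    // session alive for ten hours.
                    // NOTE(review): the session identifier is not rotated here. Unless
                    // that happens elsewhere, an identifier issued before login stays
                    // valid afterwards (session fixation); consider issuing a fresh
                    // session on successful authentication.
                    Session.Timeout   = 600;
                    Session["userid"] = rd["userid"].ToString();
                    Session["namass"] = rd["namass"].ToString();
                    Session["groups"] = rd["groups"].ToString();
                    Session["lanjut"] = rd["lanjut"].ToString();
                    Session["except"] = rd["excepts"].ToString();
                    authenticated = true;
                }
            }
        }

        if (authenticated)
        {
            // Redirect only after the database resources have been released.
            Response.Redirect("pages/home.aspx");
            return;
        }

        // One generic message for both an unknown user and a wrong password, so the
        // response does not reveal which of the two failed.
        // NOTE(review): no attempt throttling or lockout is visible in this handler;
        // confirm it is enforced elsewhere.
        Response.Write("<script language=\"javascript\" type=\"text/javascript\">");
        Response.Write("alert('Username atau Password Salah..');");
        Response.Write("location.href = 'login.aspx';");
        Response.Write("</script>");
    }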